Abstract: The present invention is a method and system for high-assurance data tagging for input/output feeds. The method may include executing a high-assurance tagging application on a microprocessor (e.g., the microprocessor being designed for use in a high-assurance embedded system). Further, the method may include analyzing a message with the high-assurance tagging application and generating and attaching a tag to the message. In addition, the method may include binding the tag to the message by applying a message authentication scheme and providing a mechanism for down-stream applications to identify information about data included in the message by reference to the tag.

Abstract: A system providing a scalable distributed operating environment is provided. The system may include a cryptographic module for encrypting communications for transmission over an external network. Further, more than one classified processor may be communicatively coupled to the cryptographic module for handling classified processes and information. In addition, more than one unclassified processor may also be communicatively coupled to the cryptographic module for handling unclassified processes and information. The number of classified and unclassified processors activated upon selection of a waveform is dependent upon the degree of complexity of the waveform.

Abstract: The present invention is a method and system for high performance programmable cryptography. In an embodiment of the invention, a cryptography system in accordance with the present invention may include a processor with memory, at least two field programmable gate array (FPGA) blocks and control logic which may be algorithm independent. Programming files storing one or more crypto algorithms may be maintained remotely to the cryptography system whereby the cryptography system may remain not cryptographically controlled when un-programmed. FPGA blocks may be field-programmed to allow execution of a desired crypto algorithm. Additionally, with multiple FPGA logic blocks, programming of a first FPGA block may be simultaneously performed with the execution of a crypto algorithm via a second FPGA block to enable enhanced encryption rate performance.

Abstract: The present invention is directed to a system for providing a trusted environment for untrusted computing systems. The system may include a HAC subsystem managing shared resources and a trusted bus switch for controlling a COTS processor to access the shared resources. The shared resources such as memory and several I/O resources reside on the trusted side of the trusted bus switch. Alternatively, the system may include a SCM as an add-on module to an untrusted host environment. Only authenticated applications including COTS OS execute on the SCM while untrusted applications execute on the untrusted host environment. The SCM may control secure resource access from the untrusted host through a plug-in module interface. All secure resources may be maintained on the trusted side of the plug-in module interface.

Abstract: The present invention is directed to a system for providing a trusted environment for untrusted computing systems. The system may include a HAC subsystem managing shared resources and a trusted bus switch for controlling a COTS processor to access the shared resources. The shared resources such as memory and several I/O resources reside on the trusted side of the trusted bus switch. Alternatively, the system may include a SCM as an add-on module to an untrusted host environment. Only authenticated applications including COTS OS execute on the SCM while untrusted applications execute on the untrusted host environment. The SCM may control secure resource access from the untrusted host through a plug-in module interface. All secure resources may be maintained on the trusted side of the plug-in module interface.

Abstract: An improved micro architectural approach for a network microprocessor has low power consumption, and employs two specialized processing cores, a MAC processing core and a network processor core. Each of these processing cores has facilities designed for a specific set of functions, to handle ISO layer 2 and layer 3 functionality in a packet switched Software Defined Radio mobile network.

Abstract: The present invention is a MILS network system employing functional separation of messages without customized switches. The MILS network system may maintain separation of data while eliminating a requirement of full message encryption. In an embodiment of the invention, a function may be employed whereby a keyed digest of a message is created. The function may receive a message and a key, and may emit a keyed digest value. The key may be representative of a particular level of security, thus promoting the separation of data. Messages may include an embedded keyed digest when sent through a switch to a MILS node. At the MILS node, the keyed digest may be recalculated, if it matches, the message may be passed to a host.

Abstract: A multiple security level power managed processing system and method of managing power consumption in a multi security level system is disclosed. The system includes a plurality of nodes having a processor, associated memory and a processor interface. A plurality of processors individually may include multiple independent processing security levels, such as a first processing level and a second processing level. A MILS processor-to-processor network connects the plurality of processors. The system may be configured to distribute the application among the processing levels corresponding to a specific level of security. Power management profiles are used to control operation of the processors to maximize power efficiency while meeting security criteria.

Abstract: An improved micro architectural approach for a network microprocessor has low power consumption, and employs two specialized processing cores, a MAC processing core and a network processor core. Each of these processing cores has facilities designed for a specific set of functions, to handle ISO layer 2 and layer 3 functionality in a packet switched Software Defined Radio mobile network.

Abstract: A prognostic processor for predicting machine failure in avionics electronics comprises prognostic capabilities in a single integrated circuit, with a processor, volatile and non-volatile memory, clock, on-chip and off-chip sensors and transducers, A/D converters, a common I/O interface adapted to be employed in a network of similar prognostic processors, and predictive Failure Analysis (FA) model software, which may be distributed throughout the network. The FA software employs a log file history, with the log file history storing data collected by the prognostic processor, real-time execution of a predictive model, with the ability to update the FA model with data from field failures. The prognostic processor network supports hierarchical processing to work with multiple prognostic processors. The prognostic processor system is applicable to FA monitoring of a wide range of avionics electronic equipment, in particular, Line Replacement Units (LRUs).

Abstract: An improved architectural approach for implementation of a low power, scalable topology for a software defined radio (SDR). Low power processors and switching elements forming building blocks are employed in an embedded switched fabric architecture network having a repeating building block topology that advantageously employs wormhole routing and has self-healing, fail-safe properties. Differential signaling is used and data rates in excess of 250 Mbps are possible. In one embodiment a dual civilian and military channel SDR is disclosed; in other embodiments, a plurality of independent SDR channels, with or without encryption, are disclosed. A plurality of different topologies are disclosed including torodial topologies having a planar topology with orthogonal connections, a planar topology with orthogonal and diagonal connections, and a cube topology with both orthogonal and/or diagonal connections.

Abstract: Optoelectronic materials are provided that are bistable organic tautomeric compositions that intraconvert dithio or diseleno carbamate esters and cyclic 1,3-dithia- or -diselena-2-iminium salts of ?-conjugated bis-anthracenyl compounds. Specifically disclosed are compounds having the formula: where X is sulfur or selenium; where the R and R1 groups are alkyl or alkyl that together form a ring of carbon atoms; where An is the anion of a strong acid; and where the Z element is a chiral ring-completing system of atoms that changes chirality on tautomerization. These molecules are in themselves molecular-sized optoelectronic switching devices.

Abstract: A method and apparatus for maintaining a communications connection with data packet authentication wherein a data packet is received. For each received data packet, a determination is made as to which communications connection the received data packet is associated with, authenticating the data packet to the associated communications connection and forwarding the data packet when it is authentic to the communications connection.

Abstract: A method and apparatus for providing high assurance processing are herein disclosed. According to this example method, high assurance processing is provided by selecting a first active partition. A processor access cycle is received from a processor. Data is retrieved from a device according to the processor access cycle. The retrieved data is validated according to a selected active partition. The validated data is provided the processor.